​IRS says records of more than 100,000 taxpayers hacked

Hackers have exploited an online service of the Internal Revenue Service to gain access to the information of more than 100,000 American taxpayers, the IRS admits.

The IRS said on Tuesday
that its “Get Transcript” service had been breached thousands of
times between February and mid-May this year during a span that
includes the height of the tax season.

According to the Associated Press, the hackers were able to get
tax returns and other tax information hosted on the site.

"In all, about 200,000 attempts were made from questionable
email domains, with more than 100,000 of those attempts
successfully clearing authentication hurdles," the agency
said. "During this filing season, taxpayers successfully and
safely downloaded a total of approximately 23 million
transcripts."

That trove, according to AP, may include Social Security numbers,
birthdays and other sensitive information.

Details about what exactly was taken and how it was accessed are
still developing, however, while the IRS says it is notifying
affected taxpayers.

“We’re confident that these are not amateurs but organized
crime syndicates that not only we, but others in the financial
industry are dealing with,” IRS Commissioner John Koskinen
said at a press conference.

News of the hack comes amid increased calls from Congress and the
White House for the government to pass cyber bills, including
efforts from the Obama administration to implement rules that
would require online services to better protect user data.

“This extraordinary interconnection” made possible by
the internet “creates enormous opportunities,” President
Obama said during a speech at the Federal Trade Commission in
January, “but also creates enormously vulnerabilities for us
as a nation and for our economy and for individuals.”

Last year, the Royal Canadian Mounted Police said that a
19-year-old hacker had exploited the highly publicized
“Heartbleed” bug in order to steal nearly 1,000 records belonging
to taxpayers that he pilfered from the Canadian Revenue Agency.

In the US, meanwhile, federal investigators have been probing how
cybercriminals have been able to generate profit by filing
fraudulent returns through TurboTax, a program that enables
Americans to easily pay their taxes to the IRS.

TurboTax maker Intuit said in a statement Tuesday that “this
episode reinforces the strategic urgency of the IRS Security
Summit process which Commissioner Koskinen has been vigorously
leading this year, and which we strongly support.”